Subscribe to:

Subscribe to :: ::

Stagefright 2.0 Exploits Android Vulnerabilities

October 2, 2015 by mphillips  
Filed under Mobile

Newly found vulnerabilities in the way Android handles media files can allow attackers to compromise devices by tricking users into visiting maliciously crafted Web pages.

The vulnerabilities can lead to remote code execution on almost all devices that run Android, starting with version 1.0 of the OS released in 2008 to the latest 5.1.1, researchers from mobile security firm Zimperium said in a report published Thursday.

The flaws are in the way Android processes the metadata of MP3 audio files and MP4 video files, and they can be exploited when the Android system or another app that relies on Android’s media libraries previews such files.

The Zimperium researchers found similar multimedia processing flaws earlier this year in an Android library called Stagefright that could have been exploited by simply sending Android devices a maliciously crafted MMS message.

Those flaws triggered a coordinated patching effort from device manufacturers that Android’s lead security engineer, Adrian Ludwig, called the “single largest unified software update in the world.” It also contributed to Google, Samsung and LG committing to monthly security updates going forward.

One of the flaws newly discovered by Zimperium is located in a core Android library called libutils and affects almost all devices running Android versions older than 5.0 (Lollipop). The vulnerability can also be exploited in Android Lollipop (5.0 – 5.1.1) by combining it with another bug found in the Stagefright library.

The Zimperium researchers refer to the new attack as Stagefright 2.0 and believe that it affects more than 1 billion devices.

Since the previous attack vector of MMS was closed in newer versions of Google Hangouts and other messaging apps after the previous Stagefright flaws were found, the most straight-forward exploitation method for the latest vulnerabilities is through Web browsers, the Zimperium researchers said.

Zimperium reported the flaws to Google on Aug. 15 and plans to release proof-of-concept exploit code once a fix is released.

That fix will come on Oct. 5 as part of the new scheduled monthly Android security update, a Google representative said.





MediaTek Building Ecosystem To Power IoT

October 2, 2015 by Michael  
Filed under Computing

MediaTek is quietly building an ecosystem to drive IoT strategy to push its System on Chip shipments across multiple devices.

The fabless chipmaker is signing partnerships with Amazon, Tinitell, Apple, and People Power.

MediaTek is starting to come out of the shadows in the West with its SoC designs. It sees the IoT as a way to push more of its chips.

It has put in a tender to buy power management outfit Richtek Technology to expand its leadership in Power Management Integrated Circuits (PMIC) to strengthen its overall capabilities for the IoT business model. The deal is expected to close in Q2 2016.

It has provided funding to People Power, a user engagement company providing apps, cloud and mobile services for IoT to further accelerate its penetration in the IoT market in both the U.S. and China, develop new IoT products based on its Fabrux and Influx software architecture

Release of two software development kits (SDKs) for Apple HomeKit, the framework in iOS 8 for communicating with and controlling connected accessories in a user’s home.

This is on top of its partnership with Amazon for the latest devices – Amazon Fire TV is powered by MediaTek’s MT8173, a 64-bit quad-core processor and the world’s first multimedia SoC with ARM’s Cortex-A72 cores; Fire HD 8 and Fire HD 10 tablets powered by MT8135, an up to 1.5 GHz quad-core processor, resulting in a fast and fluid user interface, and smooth running HD videos and high frame-rate games.

Chief Marketing Officer, Johan Lodenius said the company’s cunning plan was to innvovate widely available technology that provides integrated connectivity, while investing in and nurturing developers and the maker community to deliver practical yet innovative solutions.



Ghost Push Malware Giving Android A Hard Time

October 2, 2015 by Michael  
Filed under Mobile

Put your Android whatever back in its sand bucket. It is facing another threat. This one is spooky sounding and has been dubbed Ghost Push by Yang Yang and Jordan Pan of the Trend Micro security labs outfit.

The threat presents itself to people who download things from untrusted third-party stores, which is not everyone, and seems to behave in a way that is sophisticated – unlike perhaps people who download things from untrusted sites. Ghost Push is not new and neither is this method of infection.

“Halloween is still a month from now yet Android users are already being haunted by the previously reported Ghost Push malware, which roots devices and makes them download unwanted ads and apps. The malware is usually packaged with apps that users may download from third-party app stores,” said Yang and Pan.

“Further investigation of Ghost Push revealed more recent variants which, unlike older ones, employ routines that make them harder to remove and detect.”

Pan and Yang said that there are some 20 variants of Ghost Push in the wild, and that the threat has been active since April. It has ramped itself up during September and is presenting the worst side of itself in India and Indonesia, where 32 and 24 percent of infected devices can be found.

Trend does not think that this ghost theme is related to the XcodeGhost malware that bothers iOS users, but it does think that someone quite sophisticated is behind the attacks.

“It is likely that a team of cyber criminals are behind Ghost Push and they are not exactly new to the malware creation industry,” the researchers wrote.

“This group has already published 658 different malicious applications (1,259 different versions) in third-party app stores unrelated to Ghost Push. One of these apps has infected more than 100,000 devices, two more than 10,000 and seven more than 1,000.”

Third-party download sites are the reason for most of the affected devices and applications, but Yang and Pan said that a couple made it through to the official Google Play store.

“We also found two legitimate apps unrelated to Ghost Push that the same creators published on Google Play, which have since been removed,” they said, explaining that these apps accumulated some 10,000 downloads before being pulled.

“These show that this group possesses ample technical knowledge to effectively victimise thousands of devices and evade detection,” Yang and Pan said.

Once a device is infected the malware can launch other applications and services and steal personal information.


Facebook Rolled Out Updates For Mobile Profiles

October 2, 2015 by mphillips  
Filed under Around The Net

Facebook Inc introduced updates to mobile profile pages to enable users to better personalize their profiles and more easily control their privacy settings.

Facebook has been looking to improve and ease its mobile profile experience as it makes more of its $10 billion-plus in annual ad revenue off of phones. The updates also come during New York City’s 12th Advertising Week, where Facebook is courting the world’s largest advertisers and companies.

Among the new features are profile videos, or a short looping video clip that users can create in place of a static profile picture. The feature is similar to Vine, a video sharing app owned by Twitter Inc.

Users can also set a temporary profile picture that reverts to their old picture at a specified time. Those who want to support a sports team or charitable cause for a specific week, for example, can choose a picture to display for a short time period.

Facebook also introduced more ways to control privacy settings so that users can curate what pieces of information are public and which are only viewable to “friends,” or people that they have allowed to view profiles.



Google Unveils Two New Nexus Smartphones

October 1, 2015 by mphillips  
Filed under Mobile

Google Inc has rolled out its new Nexus phones in its latest attempt to thwart Apple’s dominant share of the smartphone market.

The launch of the phones, the Nexus 6P and the Nexus 5X, comes a day after Apple Inc reported record first-weekend sales of its new iPhones.

The Nexus 5X 16 GB model will be priced at $379, while the Nexus 6P 32 GB will cost $499, Google said at an event live-streamed on YouTube.

Apple’s 6s and 6s Plus start at $199 and $299, respectively, with a two-year service-provider contract.

Nexus devices, which typically do not sell as much as iPhones or iPads, are a way for the tech giant to showcase its latest advancements in mobile hardware and software.

Google also unveiled a tablet built entirely by the company based on its Android operating system.

The latest version of Android, dubbed Marshmallow, will be available to existing Nexus customers from next week.

The Android mobile platform is a key element in Google’s strategy to maintain revenue from online advertising as people switch from Web browser searches to smartphone apps.

The Nexus 5X is made by South Korea’s LG Electronics Inc and the Nexus 6P by China’s Huawei Technologies Co Ltd . Both phones feature Google’s new fingerprint sensor, Nexus Imprint, which is located on the back.

The fingerprint sensors will help quickly authorize purchases made through Android Pay, the one-touch payment app on Android devices that competes with Apple Pay.

The phones are available for pre-order on the Google Store from a number of countries including the United States, the United Kingdom, Ireland and Japan.

The Pixel C tablet will cost $499 for the 32 GB model and can be bought with a detachable keyboard, which will cost $149.

The tablet will be available in time for the holiday season on the Google Store.



AMD Goes Pro With APUs

October 1, 2015 by Michael  
Filed under Computing

Troubled chipmaker AMD’s has launched its Pro APUs quietly with just one major customer so far, the maker of expensive printer ink HP.

Based on the Godaveri and Carrizo chips, AMD adds its AMD Secure Processor for corporate peace of mind. The new Pro chips include the new AMD Pro A12 chip, which runs at 3.4GHz. All of the new Pro chips are APUs, which mean that they combine both graphics as well as the CPU core. The A12 integrates 12 compute cores (4 CPU cores and 8 GPU cores), based on the Radeon R7 graphics technology running at 800MHz.

What differentiates the new PRO chips from the more conventional models are what AMD calls the AMD Secure Processor, an embedded core that enables the ARM TrustZone secure environment to run on top of the chip. Theoretically, at least, the technology should supply an added layer of security to sensitive apps.

AMD PRO A-Series mobile processors (formerly codenamed “Carrizo PRO”) are aimed at the commercial laptop market. They were made in collaboration with HP, ExactTrak, and Qualcomm. HP is set to flog a few of them in its HP EliteBooks range.

David Bennett, corporate vice president and general manager, Commercial Products, AMD said the AMD PRO processors enable performance, reliability and opportunity for today’s businesses by giving customers choice and affordability to meet their specific business needs.

The AMD PRO A-Series processors are purpose-designed for business, offering long-term value commercial enterprises can depend on including a 24-month longevity commitment, 18-month image stability, commercial-grade quality assurance and available extended OEM warranty support for up to 36 months.

Protection against modern security threats with new enterprise-class security features including Device Guard, Enterprise Data Protection, and Windows Hello biometric authentication.

The AMD PRO A-Series processors are claimed to enable greater management flexibility in a multi-vendor client environment at what AMD calls a business-friendly price.

HP EliteBook G3 705 series pair the PROs with Qualcomm’s SnapdragonTM X5 LTE modem to provide 4G connectivity and location capabilities.

Fram Akiki, senior director of product management at Qualcomm Technologies said that the closer co-operation between AMD, HP, and Qualcomm on the HP EliteBook 705 G3 Series will benefit enterprise users.

The AMD PRO A-Series mobile processors are available today through online resellers and are currently offered on HP EliteBook 705 G3 Series PCs, including HP EliteBook 725, 745 and 755

The HP EliteBook 705 G3 series with the new Pro chips inside them. The business notebook weighs 2.78 pounds and includes 12.5-inch, 14.0-inch and 15.6-inch displays.

The new Pro chips also contain features that were launched with the earlier chips, such as Heterogenous Systems Architecture (HSA 1.0) compliance to allow programmers to more easily program the CPU, as well as an integrated HEVC video decoder.


Tesla Debuts First Electric SUV

October 1, 2015 by mphillips  
Filed under Around The Net

Tesla Motors debuted the first of its long-awaited Model X electric sports-utility vehicles, a product investors are counting on to make the pioneering company profitable after years of losses.

The launch of the Model X represents a milestone for the loss-making Silicon Valley automaker during a period of high spending and modest growth, because it can now boast a second model in production beyond its Model S sedan, launched in 2012.

“I think we got a little carried away with the X,” Chief Executive Officer Elon Musk told reporters ahead of a launch event near the company’s Fremont factory, where luxury Model Xs have been moving down the production line in recent weeks, nearly two years behind the company’s original schedule.

Musk estimated that 25,000 customers had pre-ordered the crossover online or in its stores and that it would take 8-12 months for those ordering from now to receive the SUV.

In retrospect, the company may have done less, Musk said.

“There is far more there than is really necessary to sell a car. And some of the things are so difficult, they make the car better but the difficulty of engineering those parts is so high.”

Between 4,000-6,000 guests filled a cavernous space for the launch. Invited to the event were Model X reservation holders, Tesla employees and Model S and Roadster owners. The Roadster sportscar, which is no longer in production, was the company’s first vehicle.

Musk has said the all-wheel drive Model X – with two electric motors, the ability to travel about 250 miles (about 400 km) on a single charge and seating for seven people – was “the hardest car to build in the world”.

Priced as high as $144,000, it features so-called “falcon-wing” doors that open upward rather than to the side – controlled by sensors that can modulate the height to clear garage ceilings – seats that can be adjusted separately and a panoramic windshield that extends overhead.

Musk said the biggest challenges were making the doors open in a graceful “balletic” manner, the expansive windshield – which he said was the largest piece of glass ever used in a car – plus its sun visor and the moveable seats, which he said were deceptively tricky.

“One of the hardest things to design is a good seat,” he said.

Although global adoption of electric vehicles has been slow, Tesla has been the U.S. pioneer in luxury electric cars charged by batteries. It is betting that high-performance and stylish offerings will boost acceptance amid a sea of alternatives, such as hybrids or electric vehicles powered by hydrogen.

Tesla predicted its SUV would receive 5-star safety ratings in all categories, based on data from its crash tests, due to its low center of gravity, which helps reduce rollovers.


Target To Match Amazon, Walmart Online Prices

October 1, 2015 by mphillips  
Filed under Around The Net

Target Corp says that it will match its online prices with more than two dozen online competitors including and Wal-Mart Stores Inc from Thursday, the Associated Press reported.

The change in policy is a huge change for the fourth-largest U.S. retailer, which until now only matched prices at its own stores and not at online rivals, AP said.

Target is increasing the number of online rivals that it will match from five to 29, including for the first time stores that require membership, such as Costco Wholesale Corp and Sam’s Club.

Target will now allow 14 days, up from seven days, for shoppers to get a price adjustment, AP said.

This is the company’s latest move under Chief Executive Brian Cornell, who has sought to narrow the retailer’s focus to a handful of product lines where Target believes it has an edge on quality and price while also investing to catch up with rivals online.



MediaTek’s Helio X20Goes Neural

October 1, 2015 by Michael  
Filed under Computing

MediaTek has revealed that its latest generation 10 core processor will be targeting neural networks and tge deep learning market.

Nvidia was one of the first to go after this area and Qualcomm is wants ”in” too. There will  be a big scrap for what could be a huge market  for all of these companies.

Kevin JouSr. Vice President & CTO of MediaTek said.

“Cloud-based computing provides big data for training a neural network, but on a device deep learning enables privacy, instantaneous usability of personalized databases. It can speed up the search for the picture you want. This speeds up the search of your personal data including payments, pictures and everything else that we don’t want to have in the cloud. You can just ask Jennifer Lawrence how smart it was to have the nude pictures in the iCloud.”

Kevin has confirmed that MediaTek is developing the deep learning SDK that will support multi-corps. We have seen that company’s Core Pilot 3.0 scheduler can enable the CPU, GPU, DSP and ISP to  work together.

MediaTek’s Chairman and CEO Tsai Ming-kai said that the company has serious IoT and automotive aspirations. You need deep learning to teach a car the difference between a human printed on a piece of paper and the actual human on a street. This is a painful process, but when solved will enable self-driving cars that are promised to hit our streets by 2020, just five years from now.


Samsung Still Pursuing iPhone Users, Offers New Incentives

September 30, 2015 by mphillips  
Filed under Mobile

Samsung will rebate monthly lease and installment payments for the latest Galaxy smartphones up to $120 and will even throw in $100 more for trading in an iPhone.

The offer, however, does excludes devices sold or running on the AT&T network. But it does apparently apply to a lease or installment plan from T-Mobile, Sprint, Verizon Wireless or US Cellular. The devices that are eligible are the Galaxy S6, Galaxy S6 Edge, Galaxy Note 5 and the Galaxy S6 Edge Plus.

In one example, a Galaxy S6 through Verizon would require a $24 monthly payment for 24 months to pay off the device. Samsung’s offer covers those payments up to $120. The redemption period ends Oct. 9, according to online conditions.

For smartphone users switching to Galaxy from the iPhone, the $100 award will come in the form of a $100 Google Play gift card.

This isn’t the first time Samsung has attempted to lure iPhone customers. In August, Samsung offered U.S. iPhone users a 30-day test drive of a Galaxy phone for $1.

Samsung has been hot on the tail of Apple for years, and is expected to set up its own leasing program; Apple announced the iPhone Upgrade Program on Sept. 9. “If Apple does it, then it must be good enough for Samsung,” said Roger Entner, an analyst at Recon Analytics.



Qualcomm Appears To Be Going To India

September 30, 2015 by Michael  
Filed under Computing

Chipmaker Qualcomm is spending a fortune to set up shop in India by making itself the friend of the Indian government.

Qualcomm said it would invest up to $150 million in Indian startups via a venture fund. The announcement coincides with the visit of Prime Minister Narendra Modi to Silicon Valley. Modi is keen to make India a technology hub with lots of mobile resources to help the country grow.

Qualcomm wants to move into India as the China market starts to dry up and it falls foul of regulators.

Executive chairman Paul Jacobs met the Indian prime minister at the Digital Economy event in San Jose and said the venture fund was in support of the government’s Digital India and Make-in-India initiatives.

Jacobs said that Qualcomm shared Modi’s vision to transform India into a digitally empowered society and knowledge economy.

“India is at the cusp of a technology revolution and mobile technologies will lay the foundation for Digital India. We are committed to providing local innovative start-ups with the support needed to help India’s IOE ecosystem grow, increasing consumer choice and availability,” he said.

.The new venture fund, which will be advised by Qualcomm Ventures — an investment arm of the group — is expected to fuel innovation and foster promising Indian startups which are contributing to the Mobile and Internet of Everything ecosystem. It will also aim to provide startups with financial, marketing, technology and business support to help propel them forward in the competitive Indian market.


Is nVidia Preparing A New GPU?

September 30, 2015 by Michael  
Filed under Computing

According to the latest report, it appears that Nvidia is on the verge of releasing a new dual-GPU graphics card that will place two GM200 GPUs on the same PCB.

According to a report from, the upcoming dual-GPU graphics card has not only been already showcased to a couple of select members of the press at a secret briefing in New York City, but some of those have managed to score a sample and are wrapping up their reviews.

According to the same report, the upcoming flagship graphics card could bear the GTX Titan branding. Rather surprising piece of information is that the upcoming dual-GPU graphics card will not be based on the GM204 GPU, which was behind the GTX 980 and GTX 970 graphics card but rather two GM200 GPUs, the same one that is behind both the GTX 980 Ti and the GTX Titan X graphics card.

The precise specifications are still unknown as it is unclear if we are looking at two fully enabled GM200 GPUs with 3072 CUDA cores each, or the cut-down version with 2816 CUDA cores. Since the GTX 980 Ti has a TDP of 250W, it will be quite interesting to see the final TDP on such dual-GPU graphics card and the final clocks for each GPU.

It is also quite surprising that Nvidia managed to keep such graphics card a secret for so long and although it was quite obvious that Nvidia will release a dual-GPU graphics card in order to counter AMD’s upcoming dual Fiji GPU based graphics card, we did not expect it to be ready so soon.

The price of the upcoming dual-GPU graphics card from Nvidia, which is also the most important part of information, is still unknown but if these rumors are true, we should see it quite soon.


Facebook Pursuing TV Advertisers For Its Network

September 29, 2015 by mphillips  
Filed under Around The Net

Facebook Inc unveiled a slew of new advertising products on Sunday, most of which are aimed at luring television advertisers onto the 1.5-billion user social network.

The advertising options, most of which will also be available on Facebook-owned Instagram, are designed to take advantage of the social network’s strengths on mobile devices. It has the world’s most popular smartphone app and generates more than three-quarters of its $10 billion-plus in annual ad revenue on phones.

Facebook is trying to convince advertisers, especially those who use video, that their dollars will be better spent on mobile platforms rather than on TV as users, especially millennials, spend more time on their phones than watching television. The rollout of the new products come ahead of New York City’s 12th Advertising Week, which runs from Monday to Friday and gathers the world’s largest advertisers and companies. Facebook also announced on Sunday that it has 2.5 million active advertisers in total, up from 2 million in February.

Digital video advertising spending is growing rapidly, projected to increase 13 percent to nearly $15 billion by 2019, according to eMarketer. Television ad spending, by comparison, is expected to grow 2 percent in the same time period to $78 billion. “Facebook is listening to the ad community and giving them what they are looking for,” said Debra Aho Williamson, social media marketing analyst with eMarketer. “Does Facebook want video ad dollars? Yes.”

On television, advertisers can buy ads based on how many people they will reach, an approach Facebook has adopted to ease the transition between television spending and digital spending.

In addition, it can target highly specific audiences, such as women aged 18 to 35 years old who have shopped on a specific website, which TV cannot do.



Nearly 18M Americans Victims Of Identity Theft Last Year

September 29, 2015 by mphillips  
Filed under Around The Net

Nealy 18 million people were victims of identity theft in the United States last year, with the majority of crimes targeting credit cards and bank accounts, according to the Department of Justice.

The figure represents 7% of the U.S. population aged 16 or older and is a rise of 1 million people from 2012, the last year for which the DOJ’s Bureau of Justice Statistics published a similar report.

The latest report counts instances where a person experienced misuse of a financial or other account — not simply a breach of their personal information.

Just over two in every five cases involved a credit card account and just under two in five involved a bank account.

About half of all victims first became aware of a problem when they were contacted by a financial institution with a further one in five noticing fraudulent charge in their account.

One positive finding was a drop in the average amount of money lost. The mean out-of-pocket loss per incident fell from $4,804 to $2,895, although many losses were substantially lower, with the median loss unchanged at $100.

Slightly more women then men were victims, but criminals are apparently equal opportunity thieves, with identity theft spread across all age groups, races and income levels. After all, a dollar is a dollar no matter whose account it is in.

The DOJ did note a higher than average rise in the number of victims aged 65 or older, which jumped about 20% to 2.6 million people.



Is Oculus Going Cheap With VR?

September 29, 2015 by Michael  
Filed under Around The Net

Oculus and Samsung had a few milestone announcements to make at yesterday’s keynote for the Connect 2 developer event. Gear VR got an update and halved in price. Oculus signed a few important content partnerships.

Samsung Gear VR, the wearable accessory that allows you to strap a compatible Samsung phone to your face and see the virtual worlds within, got a new version that now costs only $99. That’s without the phone of course, so you will have to BYOD.

Oculus, on the other hand, is bringing some much needed expansion to the content side of the equation. There’s games, movies, TV shows, streaming video, all becoming available in the next few months. This is widely expected by our tech journalist colleagues to finally bring VR into many more homes. We tend to agree that that’s a very real possibility.

Among the more important content partnerships are that with Fox, who’s bringing over 100 of its movies to the Oculus VR Cinema, and Lionsgate. But what’s really expected to bring VR into your average Internet-connected living room is the fact that Netflix follows suit, as will vimeo and Hulu in the fall.

Kids will be able to stare like zombies for hours on end into a VR version of their favourite gamers’ video feeds via Twitch. Hooray!

Facebook also announced 360 degree videos that will become available on the news feed. Disney, Vice, GoPro, Saturday Night Live and others have already been signed up to produce content.

We expect a version of VR goggles to come out soon enough with an Intel Realsense or similar technology, so we’ll be able to tune into someone’s surroundings in realtime. Microsoft’s Hololens seems like a perfect tool for such scenarios.

It’s without a doubt exciting times in the area of VR. Now, whether it will falter like 3D TV has, or live on to see another “day”, it’s too soon to tell. We will be following the developments closely.